Open
Cached
·
just now
88/100
SECURITY SCORE
Certificate Information
Subject
CN=selfserve.automegawarehouse.com.au
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
January 28, 2026
Valid Until
April 28, 2026
89 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
F6:8F:6C:39:FC:6E:BF:B4:90:1E:51:8C:05:33:F5:07:1B:2F:0F:C9:66:4E:82:34:03:09:AA:A6:94:6D:F7:E5
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Present
allow-from https://arcgis.com
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
no-referrer-when-downgrade
Permissions-Policy
Present
accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), encrypted-media=(), fullscreen=(self), geolocation=(self), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
locate.dev.utah.gov
1stbet-web.dev.1stbet.com
mta-sts.9007.jp
artworks.aesthetes.com
www.aprillatech.com
aromaklinikken.com
soporte.astitel.com.mx
selfserve.automegawarehouse.com.au
spseclasspilot.auxswot.com
www.bensolarenergia.com.br
services.bigstarsoftwares.com.br
breeztravel.com
beta.api.bulletn.co
callmeozpa.com
hotspacestudio.co.kr
www.misungink.co.kr
archive.coderesting.dev
techvarsity.com.ng
ganapp.pointwest.com.ph
contenterra.com
cynthia-song.com
reviews.dein-ruf.de
devexpweb.com
www.doa.id
app.domoblock.io
alumniuemk.uem.edu.in
eduardaduarte.com
content.electro.mw
www.electrokhandan.com
ellindero.es
ensymn.com
fanstaq.com
www.financialfun.org
app.flytag.com
friture-delnoye.nl
gabaregulatory.com
play-dev.gera.fan
tiendademo.gestioninformatica.com
docs.gestios.es
giant9.com
www.ginooddone.com
music.grifdail.fr
dl.guru.taxi
blog.hiddenlogin.com
hogarizarme.com
indicamaisarbore.com.br
inmaeya.com
pagos-gmm.inter.mx
interior-define.com
s.jobs7.in
www.knafeh-king.com
agents.kwikpay.in
dsl.leaguesquare.com
nextjs-blog-redirect.lowsk.com
super.minutebox.xyz
montri.fr
app.nautime.io
nealmangaokar.com
vault.netlaw.com
newmaison.jp
nextgenscmsummit.com
octobookapp.com
lms-admin.oesonlearning.com
onewaytaxies.com
www.onyxtransport.ng
peerdrop.com
pay.pesepay.com
tour-your-way-dev.powerproleasing.com
covidzones.prasoon.me
prealyse.com
projetecgroup.com
ridwankamil.purwana.net
www.robertholmberg.fi
app.rocker.com
buyer.prod.samridh.ai
scorecast.live
scubadivingcompanion.com
seblauzsuckmyballs.xyz
skate-team.info
snailjetapp.com
socialproofme.com
sophiessweetswv.com
spatzvomdach.com
app.alpha.standards.site
api.dev.suscripciones.co
tscan4.tapdo.dev
www.tayloratodd.com
projects.tectonicapps.com
the-pathfinder.org
app.tokodistributor.com
travelsupernova.com
search.travelumrah.co.uk
app.trueilm.com
tstructures.com
urrutialeal.com.mx
valditi.com.mx
vegatech.es
app.willsg.top
5th.youstar.live
www.zaraca.ca
Other domains in certificate